1. Field of the Invention
Implementations described herein relate generally to network attacks and, more particularly, to tools for mitigating distributed denial of service (DDoS) attacks and other forms of attack.
2. Description of Related Art
DDoS attacks are a real, growing threat to businesses worldwide. Designed to elude detection by today's most popular tools, these attacks can quickly incapacitate a targeted business, costing victims thousands, if not millions, of dollars in lost revenue and productivity.
DDoS attacks paralyze Internet systems by overwhelming servers, network links, and network devices (e.g., routers and firewalls) with bogus traffic. Easily launched against limited defenses, DDoS attacks not only target individual web sites or other servers at the edge of the network, but also subdue the network itself.
The growing dependence on the Internet makes the impact of successful DDoS attacks increasingly painful (financially and otherwise) for service providers, enterprises, and government agencies. Newer, more powerful DDoS tools promise to unleash even more destructive attacks in the months and years to come.
Because DDoS attacks are among the most difficult attacks to defend against, responding to them appropriately and effectively poses a tremendous challenge for all Internet-dependent organizations. Network devices and traditional perimeter security technologies, such as firewalls and intrusion detection systems (IDSs), although important components of an overall security strategy, do not by themselves provide comprehensive DDoS protection.
Current techniques used to deal with DDoS attacks fall short in terms of mitigation and ensuring business continuity. Some of the more popular DDoS responses, such as blackholing and router filtering, are not optimized to deal with the increasingly sophisticated attacks being seen today. IDSs offer some excellent attack detection capabilities, but cannot mitigate the impact of the attacks. Firewalls offer a rudimentary level of protection but, like blackholing and router filtering, they were not designed to protect against the types of advanced attacks that are so common today. Still other strategies, such as overprovisioning, do not provide adequate protection against ever larger attacks, and they are far too costly as a DDoS prevention strategy.